From owner-freebsd-questions@FreeBSD.ORG Wed Aug 20 13:08:39 2003 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id DEF0216A4BF for ; Wed, 20 Aug 2003 13:08:39 -0700 (PDT) Received: from which.isds.duke.edu (which.isds.duke.edu [152.3.22.3]) by mx1.FreeBSD.org (Postfix) with ESMTP id 228C543FA3 for ; Wed, 20 Aug 2003 13:08:39 -0700 (PDT) (envelope-from vangyzen@stat.duke.edu) Received: from sinatra.isds.duke.edu (sinatra.isds.duke.edu [152.3.22.120]) by which.isds.duke.edu (Postfix) with ESMTP id 63278C3847; Wed, 20 Aug 2003 16:08:38 -0400 (EDT) From: Eric van Gyzen Organization: ISDS, Duke University To: aaron@eecs.harvard.edu, freebsd-questions@freebsd.org Date: Wed, 20 Aug 2003 16:08:38 -0400 User-Agent: KMail/1.5 MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Content-Disposition: inline Message-Id: <200308201608.38118.vangyzen@stat.duke.edu> Subject: Re: NIS stealing low-numbered ports? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 20 Aug 2003 20:08:40 -0000 Aaron, I am having similar trouble with 5.1. For me, rpc.lockd is eating up all my low (privileged) udp ports. You can tell the system to use a different range for low ports. Use the sysctl command and tweak the net.inet.ip.portrange.lowlast variable. By default, it sets the lower bound for privileged ports to 600. You might increase it past 631 to ensure that no process snatches it up. Of course, you would have fewer privileged ports, which might create problems on a busy machine running NIS (which is the situtation that brought this problem to my attention). Cheers, Eric Aaron Mandel wrote: > I'm running 4.7, using both NIS and cups. There has now twice been a > problem where printing via cups started failing because cups > couldn't open UDP port 631 to talk to the cups server, and both > times, when I looked, there was an sshd belonging to some random > (logged-in) user claiming that port. I found a short thread in the > list archives from a few months ago saying that this was normal > behavior with NIS, but shouldn't it be taking higher-numbered ports? > The range of ports it uses seems to be about 600-1024; if there's a > way to configure those numbers, we haven't found it. > > Has anyone else had this problem and found a satisfactory solution? -- Eric van Gyzen Sr. Systems Programmer http://www.stat.duke.edu/~vangyzen/ ISDS, Duke University